Skip to content
This repository was archived by the owner on Dec 18, 2024. It is now read-only.

Commit d89f409

Browse files
ThisIsMissEmThisIsMissEm
authored
security: rotate npm credentials (#639)
1 parent f26f69d commit d89f409

File tree

3 files changed

+5
-5
lines changed

3 files changed

+5
-5
lines changed

.github/workflows/cd-teardown.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -22,9 +22,9 @@ jobs:
2222
run: |
2323
export EXISTING_TAGS=$(npm dist-tag ls @inrupt/solid-client | grep --count $TAG_SLUG)
2424
# Unfortunately GitHub Actions does not currently let us do something like
25-
# if: secrets.NPM_TOKEN != ''
25+
# if: secrets.INRUPT_NPM_TOKEN != ''
2626
# so simply skip the command if the env var is not set:
2727
if [ -n $NODE_AUTH_TOKEN ] && [ $EXISTING_TAGS -eq 1 ]; then npm dist-tag rm @inrupt/solid-client $TAG_SLUG; fi
2828
env:
29-
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
29+
NODE_AUTH_TOKEN: ${{ secrets.INRUPT_NPM_TOKEN }}
3030
- run: echo "Package tag [$TAG_SLUG] unpublished."

.github/workflows/cd.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -89,15 +89,15 @@ jobs:
8989
if: github.actor != 'dependabot[bot]'
9090
run: |
9191
# Unfortunately GitHub Actions does not currently let us do something like
92-
# if: secrets.NPM_TOKEN != ''
92+
# if: secrets.INRUPT_NPM_TOKEN != ''
9393
# so simply skip the command if the env var is not set:
9494
if [ -z $NODE_AUTH_TOKEN ]; then echo "No npm token defined; package not published."; fi
9595
if [ -n $NODE_AUTH_TOKEN ]; then npm publish --access public --tag "$TAG_SLUG"; fi
9696
if [ -n $NODE_AUTH_TOKEN ]; then echo "Package published. To install, run:"; fi
9797
if [ -n $NODE_AUTH_TOKEN ]; then echo ""; fi
9898
if [ -n $NODE_AUTH_TOKEN ]; then echo " npm install @inrupt/solid-ui-react@$TAG_SLUG"; fi
9999
env:
100-
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
100+
NODE_AUTH_TOKEN: ${{ secrets.INRUPT_NPM_TOKEN }}
101101
TAG_SLUG: ${{ needs.prepare-deployment.outputs.tag-slug }}
102102
- name: Mark GitHub Deployment as successful
103103
if: github.actor != 'dependabot[bot]'

.github/workflows/release.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -62,7 +62,7 @@ jobs:
6262
echo ""
6363
echo " npm install @inrupt/solid-ui-react"
6464
env:
65-
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
65+
NODE_AUTH_TOKEN: ${{ secrets.INRUPT_NPM_TOKEN }}
6666
- name: Mark GitHub Deployment as successful
6767
uses: octokit/[email protected]
6868
with:

0 commit comments

Comments
 (0)